Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Multiple 0-days in Dark Comet RAT
From: "Thor (Hammer of God)" <thor () hammerofgod com>
Date: Wed, 10 Oct 2012 14:06:06 -0700

It's InfoSec. Nothing has any meaning anymore.  Or, better stated, things means whatever people want them to mean in 
order to forward their agenda.  When we talked about full disclosure a while back, somebody said I was "jaded" as if it 
meant I had "clouded judgement."  They were actually right though, as jaded" means "negative by way of experience."  

I remember when people started using metrics like "moderately critical" to describe their [what they called] 0-day XSS 
vulnerability for some ancient CRM package. That way they get to say they published 14,000 0-days on their marketing 
material. 

Some dude recently posted on a professional list how he routinely cracks the NTLMv2 hashes for 10,000 users in 36 hours 
with rainbow tables.  Of course every single part of the statement is complete BS but no one (except me) even blinked. 

People talk about how stupid users are, but I think the people in the industry are far worse. 

Sent from whatever device will keep us from debating which one is better.

On Oct 9, 2012, at 9:59 AM, Philip Whitehouse <philip () whiuk com> wrote:

Does 0-day have any meaning any more? It used to mean there were exploits in the wild used to cause damage before the 
vendor patched it not merely that a security researcher found it and disclosed it to the public before the vendor did.

If a 0 day is everything found by a security team before a vendor then the term will loose all purpose and meaning 
because almost all work done by such researchers is finding vulns. before the vendor.

End rant.

Philip Whitehouse

On 8 Oct 2012, at 21:33, "Hertz, Jesse" <jesse_hertz () brown edu> wrote:

SQL Injection and Arbitrary File Access present in Command and Control server of DarkComet RAT

for more info see:
http://matasano.com/research/PEST-CONTROL.pdf
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault